AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
The UK is poised to reshape its data protection landscape with the introduction of the UK Data (Use and Access) Act (the "DUA Act"). As one of the most significant reforms in UK data law since the GDPR came into effect, the...more
After a legislative reform that has seen four different Prime Ministers, three different Bills and many deliberations across both Houses of Parliament, the UK is now on course to introduce some changes to the data protection...more
No Safe Harbor: New DOJ Data Export Rule Restricts Deidentified Data Transfer - This article outlines new requirements from the Department of Justice regarding “bulk sensitive data”, including de-identified, anonymized,...more
On May 14, 2025, the European Data Protection Board ("EDPB") issued a favorable opinion on granting a six-month extension to the existing adequacy decisions for the UK, following a formal proposal from the European...more
On May 8, 2025, the Federal Labor Court Bundesarbeitsgericht (“BAG”) issued a significant ruling concerning an employee’s claims for damages due to unlawful data transfers within a corporate group. The BAG ruled that works...more
The launch of the Global Cross Border Privacy Rules (CBPR) and Privacy Rules for Processors (PRP) systems on June 2, 2025 offers a framework to manage increasingly difficult standards for global data privacy governance....more
This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more
In August 2024, China Judgements Online published a ruling issued by the Guangzhou Internet Court on September 8, 2023, in a case widely regarded as China’s first judicial decision addressing cross-border personal information...more
In recognition of the GDPR's 7th anniversary on May 25, 2025, Constangy Cyber Team member Matthew Basilotto explores how the European Union’s General Data Protection Regulation (GDPR) continues to adapt in the face of...more
As questions of trust, surveillance, and data sovereignty become central to global trade, businesses face mounting pressure to prove not just compliance but true accountability. That’s why we turned to Constantine...more
On April 28 2025, the Court of Justice of the European Union (CJEU) published an updated version of the fact sheet (the Fact Sheet) summarising key case law on protection of personal data. The Fact Sheet covers the case law...more
The Belgian Data Protection Authority recently ruled that a Belgian government entity, FPS Finance, cannot transfer the personal data of “accidental Americans” to the IRS. According to the decision, the transfers needed to...more
Malaysia’s newly released Cross Border Personal Data Transfer Guidelines mark a groundbreaking shift in its data protection regulatory landscape, requiring data controllers to conduct Transfer Impact Assessments and implement...more
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
Bienvenue à la toute première édition de l’infolettre Gouvernail des données de Blakes, une publication du groupe Protection de la vie privée et des données de Blakes. Cette infolettre a pour but d’effectuer un survol des...more
On April 8, the U.S. Department of Justice’s (DOJ) Final Rule, codified at 28 CFR Part 202, (Final Rule), implementing President Biden’s Executive Order 14117 “Preventing Access to U.S. Sensitive Personal Data and...more
In a noteworthy step toward international privacy collaboration, the California Privacy Protection Agency (CPPA) has entered into a formal declaration of cooperation with the U.K. Information Commissioner's Office (ICO). This...more
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
The EU regulation designed to facilitate secondary use of clinical data for research brings benefits for health research, but also poses challenges for companies....more
On April 8, 2025, the United States Department of Justice’s (DOJ) National Security Division’s (NSD) final rule (Final Rule) regulating certain sensitive US data transfers took effect. DOJ has made clear that it will take...more
This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more
On 19 March 2025, the European Data Protection Board published an updated procedure for co-operation between EU data protection supervisory authorities approving GDPR Binding Corporate Rules for intra-group transfers of EU...more
On March 20, 2025, the evening edition of the Federal Official Gazette published a decree (the "Decree") enacting the General Law on Transparency and Access to Public Information ("LGTAIP"), the General Law on the Protection...more
On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK...more